[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via e61f9406de1 selftest:Samba4: run fl2003dc without security context multiplexing via ea0a7041771 selftest:Samba4: run the raw_protocol test with a limit of 8 auth contexts via 7bc6ec81c85 s4:rpc_server: implement security context multiplexing via a0b230631bc py:dcerpc/raw_protocol: add tests to demonstrate how security context multiplexing works via 3f535ed1adf py:dcerpc/raw_testcase: add assertEqualsStrLower() via 1d7930c8ad2 pidl/Python: use py_dcerpc_ndr_pointer_wrap/deref if multiple pointer levels are used via 8bd0f4405a3 s4:pyrpc: add py_dcerpc_ndr_pointer_deref/wrap() infrastructure via ae467704f3f s4:pyrpc: make use of pytalloc_get_type() in py_dcerpc_syntax_init_helper() via 4bb3a66ae13 s4:rpc_server/lsa: specify \pipe\lsass as ncacn_np_secondary_endpoint via 98d58722933 s4:rpc_server: make it possible to specify ncacn_np_secondary_endpoint via a650120d2ec py:dcerpc/raw_protocol: demonstrate that \pipe\lsarpc returns \pipe\lsass as secondary_address via b3659fb52d8 s4:rpc_server: only share assoc group ids on the same transport via a8feb556318 py:dcerpc/raw_protocol: add test_assoc_group_fail3() via c192dc1c9d2 s4:rpc_server: don't replace '\pipe\' with '\PIPE\' via b1c6b954a15 py:dcerpc/raw_protocol: add test_assoc_group_ok2 to check assoc groups over ncacn_np via 276286caa97 selftest:Samba4: allow dcerpc auth level connect:lsarpc = yes in chgdcpass via aa3f1f86c0c py:dcerpc/raw_protocol: enable tests with the DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN bit via 975e8e1f254 s4:rpc_server: fix DCERPC_PFC_FLAG_SUPPORT_HEADER_SIGN negotiation to match Windows via fb9f613364d py:dcerpc/raw_protocol: consistently call self.recv_pdu(timeout=0.01) after auth3 via 5466ed1232e py:dcerpc/raw_protocol: add tests for delayed header signing activation via d47f9af7cbb py:dcerpc/raw_testcase: add pfc_flags_2nd and use_auth3 options to do_generic_bind() via 6f53c993723 s4:rpc_server: SMB_ASSERT(auth->auth_finished); in order to get auth details via e9eb8e6a447 s4:rpc_server: only pass context to op_bind() hooks via 70b00c7567a s4:rpc_server: only use context within op_bind() hooks and dcesrv_interface_bind_*() functions via 28f4cb442c3 s4:rpc_server: remove unused dcesrv_connection_context->private_date via 792b6b9d697 s4:rpc_server: remove unused dcesrv_assoc_group->proxied_id via 2ed7db445bf s4:rpc_server/winreg: don't cache an ldb connection per presentation context via 9616f6b8bc9 s4:rpc_server/remote: make use dcesrv_iface_state_{store,find}_{assoc,conn}() helpers via 9d387919f61 s4:rpc_server/remote: introduce struct dcesrv_remote_call via a8134191ec0 s4:rpc_server/remote: defer the connect to the first client request via 199d4ba7ac4 s4:rpc_server/remote: fail the connection if the remote server don't support MPX via 954dd89f511 selftest: use "dcerpc_remote:allow_anonymous_fallback = yes" for rpc_proxy via 3a17389e1be s4:rpc_server/remote: add dcerpc_remote:allow_anonymous_fallback option via 23d1393a5f2 s4:rpc_server/remote: reformat code to get "dcerpc_remote:use_machine_account" via d9b88ccd811 s4:rpc_server/remote: reformat code to get "dcerpc_remote:binding" via 1f348d077b2 s4:rpc_server/remote: remote_op_bind already has the table available via 965abe8e1a5 s4:rpc_server/remote: introduce remote_get_private() via 245a0ef73f8 s4:rpc_server/dnsserver: make use of dcesrv_iface_state_{create,find}_conn() via 5cbcc78a40e s4:rpc_server/netlogon: make use of dcesrv_iface_state_{create,find}_conn() via c76a5be87bf s4:rpc_server: add dcesrv_iface_state_{store,find}_{assoc,conn}() helpers via 38e0c06abc7 s4:rpc_server: move bind_time_features to dcesrv_assoc_group via 6b02b94d037 s4:rpc_server: add a min_auth_level to context handles via d8293acdb4f s4:rpc_server: replace dce_conn->allow_request with auth->auth_finished via 13e52cc9292 s4:rpc_server: replace dce_conn->allow_auth3 with auth->auth_started via 0191516efcb s4:rpc_server: set auth_invalid = true on disconnect via b46df3a85c3 s4:rpc_server: split out log_successful_dcesrv_authz_event() via 76976eab01c s4:rpc_server: add some protection checks to dcesrv_auth_prepare_gensec() via 2640f60e885 s4:rpc_server: split out dcesrv_auth_prepare_gensec() via e2a05c3ad86 s4:rpc_server: allocate struct dcesrv_auth with talloc via 58021612583 s4:rpc_server: make use of dcesrv_call_state->auth_state in dcerpc_server.c via 097299ae7a4 s4:rpc_server: make use of dcesrv_call_state->auth_state in common/reply.c via 8ec932923b1 s4:rpc_server: make use of dcesrv_call_state->auth_state in
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 168079b2c36 tevent: deprecate tevent_wrapper api again via dcd0edfdc90 Revert "smbd: add smbd_server_connection->raw_ev_ctx pointer" via 47c443b4795 vfs_aio_pthread: add sync fallback via a307e798ddf vfs_aio_pthread: store conn instead of sconn in aio_open_private_data via e2f46c9333e vfs_aio_pthread: use struct initializer for aio_open_private_data via 2f406fee523 vfs_default: add sync fallback to fsync_send/recv via 4673a8b9e36 vfs_default: add sync fallback to pwrite_send/recv via bc539d8104f vfs_default: add sync fallback to pread_send/recv via 57e2fb018f2 s3:smbd: don't use async dosmode if per-thread cwd is not available via 5d8f495b01c s3:smbd: use passed in ev in smbd_smb2_query_directory_send() via 6ec96ac7098 Revert "vfs_glusterfs: explain that/why we use the raw tevent_context in init_gluster_aio()" via 46d3a1541a6 Revert "smbd: explain that/why we use the raw tevent_context for update_write_time_handler()" via bcb4723aacd Revert "smbd: explain that/why we use the raw tevent_context for lease_timeout_handler()" via 4036fc894f7 Revert "smbd: explain that/why we use the raw tevent_context for oplock_timeout_handler()" via 5afd19198b8 Revert "smbd: explain that/why we use the raw tevent_context for do_break_to_none()" via ac597b07069 Revert "smbd: explain that/why we use the raw tevent_context for linux_oplock_signal_handler()" via 523a64e25d8 Revert "smbd: use raw_ev_ctx to clear the MSG_SMB_CONF_UPDATED registration" via 296a15a00e4 Revert "smbd: add smbd_server_connection->{root,guest}_ev_ctx pointer" via 50995917905 Revert "smbd: use sconn->root_ev_ctx for brl_timeout_fn()" via 9d47128f7c9 Revert "smbd: use sconn->root_ev_ctx for smbd_sig_{term,hup}_handler()" via de10c611053 Revert "smbd: add an effective connection_struct->user_ev_ctx that holds the event context used for the current user" via 88016bac86a Revert "smbd: add an effective {smb,smbd_smb2}_request->ev_ctx that holds the event context used for the request processing" via 122e141b465 Revert "smbd: remove unused smbd_server_connection->ev_ctx" via 2a62a98f5c7 Revert "s3:messages: protect against usage of wrapper tevent_context objects for messaging" via 1c3676f3aa9 Revert "s3:messages: allow messaging_{dgm,ctdb}_register_tevent_context() to use wrapper tevent_context" via 26107832cd9 Revert "s3:messages: allow messaging_dgm_ref() to use wrapper tevent_context" via e2a5272ac68 Revert "s3:messages: allow messaging_filtered_read_send() to use wrapper tevent_context" via 0bd10a48e4c Revert "s4:messaging: make sure only imessaging_client_init() can be used with a wrapper tevent_context wrapper" via 78fa4408321 Revert "smbd: add [un]become_guest() helper functions" via 3aaf7c14706 Revert "smbd: add smbd_impersonate_debug_create() helper" via e717c9035ef Revert "smbd: add simple noop smbd_impersonate_{conn_vuid,conn_sess,root,guest}_create() wrappers" via 97a7f8864f3 Revert "smbd: make use of smbd_impersonate_{conn_vuid,conn_sess,root,guest}_create() wrappers" via 864e985168d Revert "smbd: implement smbd_impersonate_{conn_vuid,conn_sess,root,guest}_create() wrappers" via ac17919ae30 Revert "smbd: avoid explicit change_to_user() in defer_rename_done() already done by impersonation" via 3747dcb41f1 Revert "smbd: remove unused change_to_root_user() from smbd_sig_hup_handler()" via 718cc7a0d70 Revert "smbd: remove unused change_to_root_user() from brl_timeout_fn()" via 8e03cbe868d Revert "pthreadpool: split out pthreadpool_tevent_job from pthreadpool_tevent_job_state" via 44900b04338 Revert "pthreadpool: add pthreadpool_tevent_job_cancel()" via 9e4bc1f4a9b Revert "pthreadpool: maintain a global list of orphaned pthreadpool_tevent_jobs" via 991ca9b5646 Revert "pthreadpool: add some lockless coordination between the main and job threads" via d818e51174e Revert "pthreadpool: add helgrind magic to PTHREAD_TEVENT_JOB_THREAD_FENCE_*()" via 7882941b733 Revert "pthreadpool: maintain a list of job_states on each pthreadpool_tevent_glue" via 42e2ab7e997 Revert "pthreadpool: add a comment about a further optimization in pthreadpool_tevent_job_destructor()" via 7fd9bc3b6e5 Revert "pthreadpool: test cancelling and freeing pending pthreadpool_tevent jobs/pools" via 622ba5191d9 Revert "pthreadpool: add pthreadpool_tevent_[current_job_]per_thread_cwd()" via f4d6c48c65b Revert "pthreadpool: add tests for pthreadpool_tevent_[current_job_]per_thread_cwd()" via e94cd84bbf8 Revert "pthreadpool: call unshare(CLONE_FS) if available" via 67015e13ca2 Revert "pthreadpool: add
[SCM] Socket Wrapper Repository - branch master updated
The branch, master has been updated via cf436b6 swrap: Use #ifdef instead of #if for config.h definitions from 9413e43 swrap: Add an overflow check https://git.samba.org/?p=socket_wrapper.git;a=shortlog;h=master - Log - commit cf436b6d3e1d2c85d47e76e19519e36672ac93b8 Author: Andreas Schneider Date: Tue Nov 20 14:16:17 2018 +0100 swrap: Use #ifdef instead of #if for config.h definitions Signed-off-by: Andreas Schneider Reviewed-by: Volker Lendecke --- Summary of changes: src/socket_wrapper.c | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) Changeset truncated at 500 lines: diff --git a/src/socket_wrapper.c b/src/socket_wrapper.c index a0e1df0..ca0a833 100644 --- a/src/socket_wrapper.c +++ b/src/socket_wrapper.c @@ -2012,7 +2012,7 @@ static bool check_addr_port_in_use(const struct sockaddr *sa, socklen_t len) return false; } break; -#if HAVE_IPV6 +#ifdef HAVE_IPV6 case AF_INET6: if (len < sizeof(struct sockaddr_in6)) { return false; @@ -2059,7 +2059,7 @@ static bool check_addr_port_in_use(const struct sockaddr *sa, socklen_t len) return true; break; } -#if HAVE_IPV6 +#ifdef HAVE_IPV6 case AF_INET6: { struct sockaddr_in6 *sin1, *sin2; @@ -5303,7 +5303,7 @@ static ssize_t swrap_sendto(int s, const void *buf, size_t len, int flags, msg.msg_namelen = tolen; /* size of address */ msg.msg_iov = /* scatter/gather array */ msg.msg_iovlen = 1;/* # elements in msg_iov */ -#if HAVE_STRUCT_MSGHDR_MSG_CONTROL +#ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL msg.msg_control = NULL;/* ancillary data, see below */ msg.msg_controllen = 0;/* ancillary data buffer len */ msg.msg_flags = 0; /* flags on received message */ @@ -5534,7 +5534,7 @@ static ssize_t swrap_write(int s, const void *buf, size_t len) msg.msg_namelen = 0; /* size of address */ msg.msg_iov = /* scatter/gather array */ msg.msg_iovlen = 1;/* # elements in msg_iov */ -#if HAVE_STRUCT_MSGHDR_MSG_CONTROL +#ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL msg.msg_control = NULL;/* ancillary data, see below */ msg.msg_controllen = 0;/* ancillary data buffer len */ msg.msg_flags = 0; /* flags on received message */ @@ -5585,7 +5585,7 @@ static ssize_t swrap_send(int s, const void *buf, size_t len, int flags) msg.msg_namelen = 0; /* size of address */ msg.msg_iov = /* scatter/gather array */ msg.msg_iovlen = 1;/* # elements in msg_iov */ -#if HAVE_STRUCT_MSGHDR_MSG_CONTROL +#ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL msg.msg_control = NULL;/* ancillary data, see below */ msg.msg_controllen = 0;/* ancillary data buffer len */ msg.msg_flags = 0; /* flags on received message */ @@ -5949,7 +5949,7 @@ static ssize_t swrap_writev(int s, const struct iovec *vector, int count) msg.msg_namelen = 0; /* size of address */ msg.msg_iov = discard_const_p(struct iovec, vector); /* scatter/gather array */ msg.msg_iovlen = count;/* # elements in msg_iov */ -#if HAVE_STRUCT_MSGHDR_MSG_CONTROL +#ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL msg.msg_control = NULL;/* ancillary data, see below */ msg.msg_controllen = 0;/* ancillary data buffer len */ msg.msg_flags = 0; /* flags on received message */ -- Socket Wrapper Repository
[SCM] Socket Wrapper Repository - branch master updated
The branch, master has been updated via 9413e43 swrap: Add an overflow check from 8ccac24 Bump version to 1.2.1 https://git.samba.org/?p=socket_wrapper.git;a=shortlog;h=master - Log - commit 9413e433ea83095735ddb8dd080bceecde8a9b57 Author: Volker Lendecke Date: Sat Dec 29 20:20:13 2018 +0100 swrap: Add an overflow check Signed-off-by: Volker Lendecke Reviewed-by: Andreas Schneider --- Summary of changes: src/socket_wrapper.c | 5 + 1 file changed, 5 insertions(+) Changeset truncated at 500 lines: diff --git a/src/socket_wrapper.c b/src/socket_wrapper.c index df70df5..a0e1df0 100644 --- a/src/socket_wrapper.c +++ b/src/socket_wrapper.c @@ -4752,6 +4752,11 @@ static ssize_t swrap_sendmsg_before(int fd, for (i = 0; i < (size_t)msg->msg_iovlen; i++) { size_t nlen; nlen = len + msg->msg_iov[i].iov_len; + if (nlen < len) { + /* overflow */ + errno = EMSGSIZE; + goto out; + } if (nlen > mtu) { break; } -- Socket Wrapper Repository